DETAILED ACTION

1. A request for continued examination under 37 CFR 1.114, including the fee set
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
08/01/2007 has been entered. 

2. Claims 1,12,14,23-25 are amended. Claims 1-39 are pending. 

Claim Rejections - 35 USC § 103

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1,3,6-8,10-13,23-25,27,30-32,34,37-39 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Sharma et al (hereinafter referred as Sharma) US 
6,754,716 in view of Daude et al (hereinafter referred as Daude) US Patent No 
7,231,660 B1: 

5. As per claims 1, 23-25: Sharma discloses a method/computer-readable
medium/apparatus of restricting Address Resolution Protocol (ARP) table updates to 
updates originating from authorized subsystems, the method comprising: receiving an
instruction to update an ARP table (See Fig 6 step 602 and col 2 lines 39-43);
determining whether the particular subsystem within the network device from which the 
instruction originated is authorized (See Fig 6 step 604 and col 3 lines 12-34, Fig 1 step 
106); and only if the particular subsystem is authorized(See Fig 6 step 604 and col 3 
lines 12-34), then updating the ARP table based on the instruction(See Fig 6 step 606 
and col 2 lines 55-65 and col 7 lines 9-19). 

Sharma does not explicitly teach a particular subsystem of a network device 
comprising a plurality of subsystems. However Daude discloses a particular subsystem 
of a network device comprising a plurality of subsystems (See Fig 2 steps 201-205 and 
col 8 lines 50-67,col 9 lines 4-60). 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching method of Daude within 
Sharma method in order to provide secure communication among multiple network
devices. 

6. As per claims 3,27,34: the combination of Sharma and Daude disclose the 
method wherein determining authorized comprise determining whether a Dynamic Host 
Configuration Protocol (DHCP) server is authorized. (See Daude col 8 lines 51-67 and
Fig 2 steps 201-205). 

7. As per claims 6,30,37: the combination of Sharma and Daude disclose the 
method further comprising: if the particular subsystem is not authorized, then preventing 
the ARP table from being updated based on the instruction (See Sharma Fig 5 step 
504)

8. As per claims 7, 31, 38: the combination of Sharma and Daude disclose the
method further comprising: if the particular subsystem is not authorized, then performing 
the steps of: determining whether a particular network interface through which the 
instruction was received is contained in a set of one or more specified network 
interfaces (See Sharma col 5 line 44 through col 6 line 10 and Fig 5 steps 502, 504); if 
the particular network interface is contained in the set, then preventing the ARP table 
from being updated based on the instruction (See Sharma Fig 5 step 504 and col 7 
line 1-9); and if the particular network interface is not contained in the set, then
updating the ARP table based on the instruction (See Sharma Fig 5 step
504 and col 7 line 1-9).

9. As per claims 8,32,39: the combination of Sharma and Daude 
disclose the method further comprising: if the particular subsystem is not authorized, 
then performing the steps of: determining whether a particular network address 
indicated by the instruction is contained in a set of one or more specified network 
address (See Sharma col 5 line 44 through col 6 line 10 and Fig 5 steps 502, 504); if 
the particular network address is contained in the set, then preventing the ARP table 
from being updated based on the instruction (See Sharma Fig 5 step 504 and col 7 
line 1-9); and if the particular network address is not contained in the set, then 
updating the ARP table based on the instruction(See Sharma Fig 5 step 504 and col 7 
line 1-9).

10. As per claim 10: the combination of Sharma and Daude disclose the method
wherein the ARP table is updated only in response to instructions that are not
ARP message (See Sharma col 3 lines 6-34).

11. As per claim 11: the combination of Sharma and Daude disclose the
method wherein determining whether the particular system is authorized comprises
determining whether the particular subsystem is a Hypertext Transfer Protocol (HTTP)
server (See Sharma col 4 lines 22-51).

12. As per claim 12: Sharma discloses a method of restricting Address Resolution
Protocol (ARP) table updates to updates originating from authorized 
subsystems, the method comprising: receiving an instruction to update 
an ARP table (See Sharma Fig 6 step 602 and col 2 lines 39-43); 
determining whether a particular network interface through which the instruction was 
received is contained in a set of one or more specified network interfaces (See 
Sharma col 5 line 44 through col 6 line 10); determining whether a particular network 
address indicated by the instruction is contained in a set of one or more specified 
network addresses(See Sharma Fig 6 step 604 and col 3 lines 12-34); if the particular 
network interface is not contained in the set of one or more specified network interfaces, 
and if the particular network address indicated by the instruction is not contained in the 
set of one or more specified network addresses, then updating the ARP table 
based on the instruction(See Sharma col 2 lines 55-65 and col 7 lines 1-9); 
and
if the particular network interface is contained in the set of one or more specified
network interfaces, or if the particular network address is contained in the set of one or
more specified network addresses, then performing steps comprising: determining 
whether a particular subsystem from which the instruction originated is authorized(See 
Sharma Fig 6 step 604 and col 3 lines 12-34); only if the particular subsystem is 
authorized, then updating the ARP table based on the instruction(See Sharma col 7 
lines 9-15); and if the particular subsystem is not authorized, then preventing the ARP 
table from being updated based on the instruction(See Sharma col 7 lines 1-9). 

Sharma does not explicitly disclose a network device on a particular network 
device among a plurality of network interfaces. 

However Daude discloses a network device on a particular network device 
among a plurality of network interfaces (See Daude col 8 lines 51-67 and Fig 2 steps 
201-205). 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching method of Daude within 
Sharma method in order to provide secure communication among multiple network
devices. 

13. As per claim 13: the combination of Sharma and Daude disclose wherein
receiving the instruction to update the ARP table comprises receiving an ARP
message that indicates an association between a network layer address and a data link
layer address. (See Sharma Fig 2 step 200 and Fig 6 step 606)

14. Claims 2,4-5,26,28-29,35-36 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Sharma et al (hereinafter referred as Sharma) US 6,754,716 in 
view of Wilson (US Pub No 2001/0054101) and Daude et al (hereinafter referred as 
Daude) US Patent No 7,231,660 B1. 

15. As per claim 2,26,33: the combination of Sharma and Daude disclose claim 1 as 
recited above. The combination of Sharma and Daude do not disclose the particular
subsystem is a Dynamic Host Configuration Protocol Server, an Authentication,
Authorization, and Accounting (AAA) server or a Network Address Translator (NAT).

However Wilson teaches the particular subsystem is a Dynamic Host 
Configuration Protocol Server, an Authentication, Authorization, and Accounting (AAA)
server or a Network Address Translator (NAT) (See 0007 Fig 3 steps 314,316).

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Sharma and 
Daude to include a Dynamic Host Configuration Protocol Server, an Authentication,
Authorization, and Accounting (AAA) server or a Network Address Translator (NAT).

This modification would have been obvious because a person having ordinary 
skill in the art would have been motivated to do so, as suggested by Sharma (See col 1 
line 66 through col 2 line 3) in order to restrict communications between network devices
on a common subnet such that any network devices can be restricted to communicating
only with a predefined set of authorized or validated network devices.

16. As per claims 4,28,35: the combination of Sharma and Daude discloses claim 1 
as recited above. Sharma does not disclose the method wherein determining whether
the particular system is authorized comprises determining whether the particular
subsystem is NAT server. 

However Wilson teaches the method wherein determining whether the particular 
system is authorized comprises determining whether the particular subsystem is NAT 
server. (See 0007 Fig 3 steps 314,316) 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Sharma and 
Daude to include determining whether the particular system is authorized comprises 
determining whether the particular subsystem is NAT server. 

This modification would have been obvious because a person having ordinary 
skill in the art would have been motivated to do so, as suggested by (See col 3 lines 16- 
19) in order to restrict communications between network devices on a common subnet
such that any network devices can be restricted to communicating only with a predefined
set of authorized or validated network devices.

17. As per claims 5,29,36: the combination of Sharma and Daude disclose claim 1 as 
recited above. Sharma does not disclose the method wherein determining whether the 
particular system is authorized comprises determining whether the particular subsystem 
is an authentication authorization accounting (AAA) server. 

However Wilson teaches determining whether the particular system is authorized 
comprises determining whether the particular subsystem is an authentication 
authorization accounting (AAA) server (See 0007 Fig 3 steps 314,316)

Therefore it would have been obvious to a person having ordinary skill in the art
at the time the invention was made to modify the method disclosed by Sharma and
Daude to include a Dynamic Host Configuration Protocol Server, an Authentication,
Authorization, and Accounting (AAA) server or a Network Address Translator (NAT).

This modification would have been obvious because a person having ordinary 
skill in the art would have been motivated to do so, as suggested by Sharma (See col 1 
line 66 through col 2 line 3) in order to restrict communications between network devices
on a common subnet such that any network devices can be restricted to communicating
only with a predefined set of authorized or validated network devices.

18. Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sharma et al (hereinafter referred as Sharma) US 6,754,716 in view of Daude et al 
(hereinafter referred as Daude) US Patent No 7,231,660 B1 and in further view of 
Massarani (US 6,393,484 B1). 

19. As per claim 9: the combination of Sharma and Daude disclose claim 1 as recited
above. The combination of Sharma and Daude do not disclose the method comprising 
determining whether a specified amount of time has passed since a time indicated by a 
timestamp associated with an entry in the ARP table; and if the specified amount of time 
has passed then removing the entry from the ARP table. 

However Massarani teaches the method comprising determining whether a 
specified amount of time has passed since a time indicated by a timestamp associated 
with an entry in the ARP table (See abstract and See Fig 7 steps 701); and if the
specified amount of time has passed then removing the entry from the ARP table (See
abstract and See Fig 7 steps 701). 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Sharma and 
Daude to include determining whether a specified amount of time has passed since a 
time indicated by a timestamp associated with an entry in the ARP table; and if the 
specified amount of time has passed then removing the entry from the ARP table. 

This modification would have been obvious because a person having ordinary 
skill in the art would have been motivated to do so, as suggested by Massarani (See col 
3 lines 16-19) in order to prevent unauthorized devices and users from obtaining network
services in a dynamic user address environment. 

20. Claims 14-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Massarani (hereinafter referred as Massarani) US 6,393,484 B1 in view of Chien et
al (hereinafter referred as Chien) US Pub No 20030115345 and further in view of
Daude et al (hereinafter referred as Daude) US Patent No 7,231,660 B1.

21. As per claim 14: Massarani discloses the method of sending an instruction to
update an Address Resolution Protocol (ARP) table in a system in which ARP table 
updates are restricted to updates originating from authorized subsystems, the method 
comprising: in response to receiving the message, determining whether the network 
layer address is bound with a data link layer address in the ARP table (See Fig 3 step 
310 and col 5 lines 31-54); and only (See Fig 3 step 310 and col 5 lines 31-54); and if
the network layer address is not bound with a data link layer address, then sending an
instruction to update an ARP table(See Fig 4 step 416 and col 5 lines 31-54) 

Massarani does not explicitly teach receiving a request to update the ARP table 
from a Dynamic Host Configuration Protocol (DHCP) in a DHCP message that indicates 
a network layer address (See Fig 3 step 308 and col 5 lines 31-54); 

However Chien teaches receiving a request to update the ARP table from a 
Dynamic Host Configuration Protocol (DHCP) in a DHCP message that indicates a 
network layer address (See paragraph 0063-0066). 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Massarani to 
include receiving a request to update the ARP table from a Dynamic Host Configuration
Protocol (DHCP) in a DHCP message that indicates a network layer address. 

This modification would have been obvious because a person having ordinary 
skill in the art would have been motivated to do so, as suggested by Massarani (See col 
3 lines 16-19) in order to prevent unauthorized devices and users from obtaining network
services in a dynamic user address environment. 

The combination of Massarani and Chien do not disclose subsystem of a network 
device comprising a plurality of subsystems. 

However Daude discloses subsystem of a network device comprising a plurality 
of subsystems (See Fig 2 steps 201-205 and col 8 lines 50-67,col 9 lines 4-60). 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching method of Daude within the
combination of Massarani and Chien in order to provide secure communication among
multiple network devices. 

22. As per claim 15: the combinations of Massarani-Chien-Daude disclose the 
method wherein the instruction is to update the ARP table to contain a binding between 
the network layer address and data link layer address of a DHCP client that sent the 
message (Massarani col 5 lines 31-54) 

23. As per claim 16: the combinations of Massarani-Chien-Daude disclose the 
method comprising determining whether a lease associated with the network layer 
address has expired (See Massarani col 7 lines 27-37); and if the lease has expired, 
then sending an instruction to update the ARP table (See abstract). 

24. As per claim 17: the combinations of Massarani-Chien-Daude disclose the 
method determining whether a lease associated with the network layer address has 
expired (See Massarani col 7 lines 27-37); and if the lease has expired, then sending an 
instruction to remove, from the ARP table, an entry that contains the network layer 
address (See Massarani col 7 lines 27-37). 

25. As per claim 18: the combinations of Massarani-Chien-Daude disclose the
method comprising receiving a particular DHCP message that requests an extension of a
lease (See Massarani abstract); and in response to receiving the particular DHCP
message, sending an instruction to update the ARP table (See Massarani abstract). 

26. As per claim 19: the combinations of Massarani-Chien-Daude disclose the 
method comprising receiving a particular DHCP message that relinquishes a lease (See
abstract); and in response to receiving the particular DHCP message, sending an
instruction to update the ARP table (See Massarani abstract). 

27. As per claim 20: the combinations of Massarani-Chien-Daude disclose the 
method comprising if the network layer address is not bound with a data link layer 
address, then sending an instruction to start a process in connection with the network 
layer address (See Massarani col 5 lines 25-54). 

28. As per claim 21: the combinations of Massarani-Chien-Daude disclose the
method comprising determining whether a lease associated with the network layer 
address has expired (See Massarani Fig 6 step 603); and if the lease has expired, then 
sending an instruction to stop a process in connection with the network layer address 
(See Massarani Fig 6 step 603 and col 7 lines 9-23). 

29. As per claim 22: the combinations of Massarani-Chien-Daude disclose the 
method comprising receiving a particular DHCP message that relinquishes a lease 
(See Massarani Fig 6 step 601); and in response to receiving the particular DHCP 
message, sending an instruction to stop a process in connection with the network 
layer address (See Massarani Fig 7 step 704 and col 7 lines 9-23). 

Conclusion 

30. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO 892.

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Fikremariam Yalew whose telephone number is 
5712723852. The examiner can normally be reached on 9-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Moazzami Nasser can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 